A certain class of software attacks relies on being able to modify application binaries. Remote attestation is a procedure that aims to identify to a remote entity what software, or applications, is/are currently running in an environment. Remote attestation procedures may include measuring each corresponding application binary before it starts and sending the measurement(s) to the remote entity. By comparing the measurements to expected measurements, remote detection of attacks that modify application binaries is possible.
In order to trust the measurements performed for remote attestation, a chain of trust may be created during boot-up. The chain of trust may start from a trust anchor, and each element in the chain of trust may first measure the application binary of the next element before it starts the next element. In this manner, it is always a trusted entity that performs each measurement.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one example technology area where some embodiments described herein may be practiced.